[go: up one dir, main page]
Scribd
Upload
120 views15 pages

Secure Electronic Transaction (SET)

SET is an open encryption specification designed to securely transmit credit card transactions over the Internet. It provides confidentiality, integrity, and authentication for all parties in a transaction through the use of digital certificates and encryption. Key features include encrypting payment information, verifying identities of the cardholder and merchant, and facilitating a secure payment process in three steps: purchase request, payment authorization, and payment capture.

Uploaded by

Vasantha Kumari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
120 views15 pages

Secure Electronic Transaction (SET)

SET is an open encryption specification designed to securely transmit credit card transactions over the Internet. It provides confidentiality, integrity, and authentication for all parties in a transaction through the use of digital certificates and encryption. Key features include encrypting payment information, verifying identities of the cardholder and merchant, and facilitating a secure payment process in three steps: purchase request, payment authorization, and payment capture.

Uploaded by

Vasantha Kumari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 15

Secure Electronic Transaction

(SET)
Secure Electronic Transaction

• SET is an open encryption and security


specification designed to protect credit card
transactions on the Internet.
• SET provides three services:
– Provides a secure communications channel among
all parties involved in a transaction
– Provides trust by the use of X.509v3 digital
certificates
– Ensures privacy because the information is only
available to parties in a transaction when and where
necessary
Requirements
• Provide confidentiality of payment and ordering information
• Ensure the integrity of all transmitted data
• Provide authentication that a cardholder is a legitimate user of a
credit card account
• Provide authentication that a merchant can accept credit card
transactions through its relationship with a financial institution
• Ensure the use of the best security practices and system design
techniques to protect all legitimate parties in an electronic
commerce transaction
• Create a protocol that neither depends on transport security
mechanisms nor prevents their use
• Facilitate and encourage interoperability among software and
network providers
Key Features of SET
• Confidentiality of information
• Integrity of data
• Cardholder account authentication
• Merchant authentication
Secure Electronic Commerce
Components
sequence of events that are required
for a transaction
1. The customer opens an account
2. The customer receives a certificate
3. Merchants have their own certificates
4. The customer places an order
5. The merchant is verified
6. The order and payment are sent
7. The merchant requests payment authorization
8. The merchant confirms the order
9. The merchant provides the goods or service
10. The merchant requests payment
SET Transactions
Dual Signature
SET Transaction Types
• Cardholder • Authorization reversal
registration • Capture reversal
• Merchant registration
• Credit
• Purchase request
• Credit reversal
• Payment authorization
• Payment gateway
• Payment capture
certificate request
• Certificate inquiry and
status • Batch administration
• Purchase inquiry • Error message
Payment Processing
1. Purchase request
2. Payment authorization
3. Payment capture
1. Purchase request

• Initiate Request
• Initiate Response
• Purchase Request
– Purchase-related information
– Order-related information
– Cardholder certificate
• Purchase Response
1. Purchase request
Merchant Verifies Customer Purchase
Request
2. Payment Authorization
• Authorization Request
– Purchase-related information
– Authorization-related information
– Certificates
• Authorization response
– Authorization-related information
– Capture token information
– Certificate
3. Payment capture

• capture request
• capture response

You might also like